Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/d49c21-dead-4dc4-9478-a10b7cc98bc8/1/VhsMf35uUi3sCJKu5-_t52Wytio.roa
File: VhsMf35uUi3sCJKu5-_t52Wytio.roa (raw, json)
Hash identifier: p9DZVCr3CHr89mXOMxDZh2CeMcGSI7dlcExCRdyUmN8=
Subject key identifier: 56:1B:0C:7F:7E:6E:52:2D:EC:08:92:AE:E7:EF:ED:E7:65:B2:B6:2A
Certificate issuer: /CN=f95f5a35738c3229e2f4394500c322c8275a97a2
Certificate serial: 018CC26CF9D8D02332FB0C55B9A629E9D69D
Authority key identifier: F9:5F:5A:35:73:8C:32:29:E2:F4:39:45:00:C3:22:C8:27:5A:97:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-V9aNXOMMini9DlFAMMiyCdal6I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/d49c21-dead-4dc4-9478-a10b7cc98bc8/1/VhsMf35uUi3sCJKu5-_t52Wytio.roa
Signing time: Mon 01 Jan 2024 00:29:30 +0000
ROA not before: Mon 01 Jan 2024 00:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212462
IP address blocks: 193.3.129.0/24 maxlen: 24
2a10:fc00::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/d49c21-dead-4dc4-9478-a10b7cc98bc8/1/1-V9aNXOMMini9DlFAMMiyCdal6I.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/d49c21-dead-4dc4-9478-a10b7cc98bc8/1/1-V9aNXOMMini9DlFAMMiyCdal6I.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-V9aNXOMMini9DlFAMMiyCdal6I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 14:15:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:f9:d8:d0:23:32:fb:0c:55:b9:a6:29:e9:d6:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f95f5a35738c3229e2f4394500c322c8275a97a2
Validity
Not Before: Jan 1 00:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=561b0c7f7e6e522dec0892aee7efede765b2b62a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:90:32:14:02:58:ae:5a:a3:b8:0c:a0:43:74:
82:1f:7e:c8:ec:57:35:9b:4f:e7:83:84:a6:92:f5:
41:70:40:ab:2a:c8:27:3a:52:df:fd:30:a2:92:02:
82:da:64:e1:7c:19:36:a2:1a:55:2e:11:3a:42:c9:
e9:5c:94:e6:4a:6a:98:dd:be:3f:85:3c:a5:6b:bd:
5f:71:29:93:08:45:b8:d5:14:27:32:17:7d:44:77:
a3:46:2f:50:cf:38:fb:b1:ff:18:cf:84:1c:42:26:
03:63:2d:ae:0c:dc:fe:63:54:ba:5c:64:19:ac:fb:
1a:10:ba:e8:ce:a6:fb:4a:d6:7f:39:b7:6c:33:cd:
3e:58:cc:0b:2c:29:dc:62:34:04:e2:77:66:77:f5:
5d:1a:7b:ee:0c:a9:3b:ea:7f:1e:7c:bc:ef:b8:02:
63:f8:d0:ed:f1:56:bf:bf:7a:a6:ac:16:6c:fe:58:
23:52:ac:77:31:b0:48:b2:73:69:32:3f:8d:51:ac:
ec:eb:9c:e3:82:e6:7c:e6:0c:3d:e6:4d:ae:16:eb:
0c:e5:26:8c:80:e6:04:fc:31:41:a0:5b:84:1b:e2:
09:db:52:8c:a2:c0:a7:9e:5b:dc:5d:b4:1a:02:94:
f1:fe:ff:9f:53:e3:fa:8f:98:5a:c9:b7:fe:6c:89:
c4:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:1B:0C:7F:7E:6E:52:2D:EC:08:92:AE:E7:EF:ED:E7:65:B2:B6:2A
X509v3 Authority Key Identifier:
keyid:F9:5F:5A:35:73:8C:32:29:E2:F4:39:45:00:C3:22:C8:27:5A:97:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-V9aNXOMMini9DlFAMMiyCdal6I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/d49c21-dead-4dc4-9478-a10b7cc98bc8/1/VhsMf35uUi3sCJKu5-_t52Wytio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/d49c21-dead-4dc4-9478-a10b7cc98bc8/1/1-V9aNXOMMini9DlFAMMiyCdal6I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.129.0/24
IPv6:
2a10:fc00::/29
Signature Algorithm: sha256WithRSAEncryption
67:04:96:ce:56:f8:c6:11:08:7b:63:11:5b:82:3f:59:19:7c:
95:b8:cd:dd:2b:d3:1b:6d:fa:93:80:e5:bc:2e:85:a4:08:0a:
b9:fb:98:f4:4e:a3:36:91:ed:6d:94:3c:03:b8:3c:b5:1e:32:
06:3f:7a:55:a4:50:2d:eb:bd:74:85:17:51:1f:47:40:0a:cf:
32:e0:08:11:f3:b0:2b:2c:a6:e3:06:4b:89:58:43:39:6e:58:
b6:23:d6:38:b7:0d:ae:3a:5a:ed:c1:e5:be:d4:6a:e4:1a:0a:
45:75:92:65:a1:f2:e8:7c:da:21:b3:1e:d9:db:78:a4:20:e7:
1f:f9:bd:7d:d3:7f:ba:f6:ec:86:d4:52:ba:c8:f0:3a:1b:1c:
e1:3b:5a:3b:db:6e:0c:bd:92:d5:cf:e6:70:24:7d:19:65:54:
d3:e3:4a:63:8d:27:6d:da:63:02:e4:54:21:d9:9d:eb:ab:62:
70:a8:5b:d3:ca:e8:5f:84:bf:fd:59:46:c3:e3:11:7d:32:80:
8e:f8:33:30:8e:56:1a:4f:bc:8f:17:a0:e8:25:02:8b:f7:8b:
6b:0a:80:74:4a:fb:6e:25:31:92:6f:55:65:e5:e2:fe:b4:47:
30:bb:63:35:17:33:04:dd:92:8f:81:8a:2c:bd:f5:12:f7:40:
8c:f8:78:e4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzCbPnY0CMy+wxVuaYp6dadMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NWY1YTM1NzM4YzMyMjllMmY0Mzk0NTAwYzMyMmM4Mjc1
YTk3YTIwHhcNMjQwMTAxMDAyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjFiMGM3ZjdlNmU1MjJkZWMwODkyYWVlN2VmZWRlNzY1YjJiNjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5AyFAJYrlqjuAygQ3SCH37I7Fc1
m0/ng4SmkvVBcECrKsgnOlLf/TCikgKC2mThfBk2ohpVLhE6QsnpXJTmSmqY3b4/
hTyla71fcSmTCEW41RQnMhd9RHejRi9Qzzj7sf8Yz4QcQiYDYy2uDNz+Y1S6XGQZ
rPsaELrozqb7StZ/ObdsM80+WMwLLCncYjQE4ndmd/VdGnvuDKk76n8efLzvuAJj
+NDt8Va/v3qmrBZs/lgjUqx3MbBIsnNpMj+NUazs65zjguZ85gw95k2uFusM5SaM
gOYE/DFBoFuEG+IJ21KMosCnnlvcXbQaApTx/v+fU+P6j5haybf+bInEQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFYbDH9+blIt7AiSrufv7edlsrYqMB8GA1UdIwQY
MBaAFPlfWjVzjDIp4vQ5RQDDIsgnWpeiMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1WOWFOWE9NTWluaTlEbEZBTU1peUNkYWw2SS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDEvZDQ5YzIxLWRlYWQtNGRjNC05NDc4
LWExMGI3Y2M5OGJjOC8xL1Zoc01mMzV1VWkzc0NKS3U1LV90NTJXeXRpby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDEvZDQ5YzIxLWRlYWQtNGRjNC05NDc4LWExMGI3Y2M5OGJj
OC8xLzEtVjlhTlhPTU1pbmk5RGxGQU1NaXlDZGFsNkkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBADBA4Ew
DQQCAAIwBwMFAyoQ/AAwDQYJKoZIhvcNAQELBQADggEBAGcEls5W+MYRCHtjEVuC
P1kZfJW4zd0r0xtt+pOA5bwuhaQICrn7mPROozaR7W2UPAO4PLUeMgY/elWkUC3r
vXSFF1EfR0AKzzLgCBHzsCsspuMGS4lYQzluWLYj1ji3Da46Wu3B5b7UauQaCkV1
kmWh8uh82iGzHtnbeKQg5x/5vX3Tf7r27IbUUrrI8DobHOE7Wjvbbgy9ktXP5nAk
fRllVNPjSmONJ23aYwLkVCHZneurYnCoW9PK6F+Ev/1ZRsPjEX0ygI74MzCOVhpP
vI8XoOglAov3i2sKgHRK+24lMZJvVWXl4v60RzC7YzUXMwTdko+Biiy99RL3QIz4
eOQ=
-----END CERTIFICATE-----
Generated at Thu May 23 00:55:00 2024 by rpki-client on console-ams.rpki-client.org